"
love the answer lol thank you (the evil part) hence the opnsense will try all how it was instructed
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
23.7 Legacy Series / Re: best practice to create WAN/LAN with internet modem router
September 12, 2023, 09:47:36 PM #2
23.7 Legacy Series / Re: best practice to create WAN/LAN with internet modem router
September 12, 2023, 09:20:25 PM
will be also trying to isolate OPT1 onto singular machine (if that helps similar out there)
How to Configure OPNsense for a Directly Connected PC or Server
https://homenetworkguy.com/how-to/connect-pc-directly-to-opnsense-interface/
How to Configure OPNsense for a Directly Connected PC or Server
https://homenetworkguy.com/how-to/connect-pc-directly-to-opnsense-interface/
#3
23.7 Legacy Series / Re: best practice to create WAN/LAN with internet modem router
September 12, 2023, 06:24:23 PM
thanks for this so
internet modem -> switch (not ordinary but VLAN capable) -> Riverbed CX550 device (WLAN_0) port -> the rest (and network separation possible and therefore network isolation, the rest could differentiate between WAN and LAN OPT1 etc)
the sitc in the original post is just simple eth switch for 4 devices, the new VLAn capable switch sittinh in beteeen modem and CX550 would be special VLAN capable)
also modem has wireless capable network and so that would be separated unless one gets a wireless device and adds to LAN network I am assuming
do you have idea on VLAN model (economy) ? thanks much in advance
internet modem -> switch (not ordinary but VLAN capable) -> Riverbed CX550 device (WLAN_0) port -> the rest (and network separation possible and therefore network isolation, the rest could differentiate between WAN and LAN OPT1 etc)
the sitc in the original post is just simple eth switch for 4 devices, the new VLAn capable switch sittinh in beteeen modem and CX550 would be special VLAN capable)
also modem has wireless capable network and so that would be separated unless one gets a wireless device and adds to LAN network I am assuming
do you have idea on VLAN model (economy) ? thanks much in advance
#4
23.7 Legacy Series / best practice to create WAN/LAN with internet modem router
September 12, 2023, 06:13:47 PM
dear community
running Riverbed CX550 device (ports shown below) with internet modem ,
"best" configuration I got going is connect
1. modem to CX550 WAN_0 port (igb1 interface in opnsense)
2. CX550 LAN_0 port to switch (igb0 interface in opnsense)
3. CX550 PRI port to switch (igb4 interface in opnsense)
3. switch to a desktop
this way I can access opnsense URL
but above setup does not differentiate WAN and LAN and so if I want to set a rule protecting OPT1 interface saying only LAN interface can access it , thats not possible
given internet modem is just a DHCP giving address in 198.168.1.x and range is it even possible to perform some kind of differentiation between interfaces (LA vs WAN vs OPT1)
ie make only OPT1 accessible to to that switch from LAN interfaces , appears when I specify rule firewall logs denial appears all is running as WAN in above setup
https://support.riverbed.com/bin/support/static/aeohu4i9e68gucosmn6rcsvr1g/html/i38d87tifjq6og6l6i8c1s8m4n/sh_cx_9.5_icg_html/sh_cx_9.5_icg/images/155_front.jpg
running Riverbed CX550 device (ports shown below) with internet modem ,
"best" configuration I got going is connect
1. modem to CX550 WAN_0 port (igb1 interface in opnsense)
2. CX550 LAN_0 port to switch (igb0 interface in opnsense)
3. CX550 PRI port to switch (igb4 interface in opnsense)
3. switch to a desktop
this way I can access opnsense URL
but above setup does not differentiate WAN and LAN and so if I want to set a rule protecting OPT1 interface saying only LAN interface can access it , thats not possible
given internet modem is just a DHCP giving address in 198.168.1.x and range is it even possible to perform some kind of differentiation between interfaces (LA vs WAN vs OPT1)
ie make only OPT1 accessible to to that switch from LAN interfaces , appears when I specify rule firewall logs denial appears all is running as WAN in above setup
https://support.riverbed.com/bin/support/static/aeohu4i9e68gucosmn6rcsvr1g/html/i38d87tifjq6og6l6i8c1s8m4n/sh_cx_9.5_icg_html/sh_cx_9.5_icg/images/155_front.jpg
Pages1
